1423098002 Q * fstd Remote host closed the connection
1423098043 J * fstd ~fstd@xdsl-87-78-189-66.netcologne.de
1423105779 Q * derjohn_mob Read error: Connection reset by peer
1423105790 J * derjohn_mob ~aj@p578b6aa1.dip0.t-ipconnect.de
1423111633 M * undefined Bertl: is get_nsproxy the only kernel function that increments the namespace count?
1423111697 M * undefined i ask because i'm trying to debug why lxc-start can't/doesn't mount the /proc filesystem inside a container when running under a vserver patched kernel
1423111743 M * undefined i've turned on debugging/tracing for the lxc-start command but there's no difference in the output between the vs and non-vs cases
1423111777 M * undefined and i can't strace it because strace doesn't work across clone calls (or so it appears)
1423111814 M * undefined so i decided to turn on vserver debugging (at least under the vserver-patched kernel case)
1423111883 M * undefined and in the kernel logs i see the get_nsproxy() debug log message jump from a count of 6 to 69
1423111890 M * undefined nevermind, different namespaces
1423111900 M * Bertl there is a tool which helps you to answer such questions, it is called cscope
1423111920 M * Bertl it's a little dated, but it works reasonably fine on the kernel sources
1423111952 M * undefined sounds familiar (not that i've ever used it)
1423111955 M * Bertl you can search for e.g. ns->count
1423111969 M * Bertl and you'll see that it shows up at least 16 times
1423111991 M * undefined ah, like ctags
1423111996 M * Bertl for the increment part, you can then filter the result with grep atomic_inc
1423112031 M * Bertl which gives you 4 results
1423112041 M * Bertl File Line
1423112041 M * Bertl 0 fs/mount.h 102 atomic_inc(&ns->count);
1423112041 M * Bertl 1 include/linux/ipc_namespace.h 141 atomic_inc(&ns->count);
1423112041 M * Bertl 2 include/linux/nsproxy.h 82 atomic_inc(&ns->count);
1423112041 M * Bertl 3 include/linux/user_namespace.h 50 atomic_inc(&ns->count);
1423112221 M * Bertl so the problem seems to be that inside an LXC container, /proc is not mounted when the kernel is Linux-VServer patched, yes?
1423112231 M * undefined yes
1423112248 M * Bertl with identical configuration (except for the Linux-VServer specific parts) it works fine on the same but unpatched kernel, yes?
1423112251 M * undefined the weird thing is that i can enter the lxc-based container and mount /proc manually
1423112281 M * undefined yes, with an identical configuration lxc-start mounts /proc
1423112301 M * undefined yes, with an identical configuration *minus the vserver patch* lxc-start mounts /proc
1423112331 M * undefined i tried lxc-unshare (like util-linux unshare) and can't replicate the problem
1423112377 M * Bertl when you mount it inside the container (later) did you try mounting it on a different location and check /proc/mounts for evidence of a /proc mount?
1423112410 M * Bertl i.e. maybe it got mounted but with 'unfortunate' options/visibility?
1423112425 M * undefined you mean see if the /proc is leaking through to the container?
1423112429 M * undefined i'm checking now
1423112449 M * undefined i think /proc is leaking PIDs, but i might be misremembering
1423112836 M * undefined okay
1423112863 M * undefined when entering the lxc container (under a vserver-patched kernel) there is a /proc
1423112873 M * undefined and it looks correct
1423112888 M * undefined except the pids can't be dereferenced
1423112903 M * undefined and that affects /proc/mounts
1423112911 M * undefined because that's a symlink to /proc/self/mounts
1423112915 M * Bertl yup
1423112918 M * undefined but /proc/self is a broken symlink
1423112937 M * undefined it's like the problem with PIDNS that AlexanderS mentioned previously
1423112941 M * Bertl so this is still despite the pidns fix?
1423112953 M * undefined yeah, i've applied the pidns fix
1423112965 M * Bertl try to enable the logging in this part
1423113078 M * undefined hold on
1423113085 M * undefined maybe the pid ns fix isn't applied
1423113093 M * undefined grrr, if it's not, i sure feel stupid
1423113199 M * undefined i might have "--dry-run" it but got distracted... err, i mean "multitasked" and lost a few registers and context switching back
1423113216 M * Bertl happens, no problem mate
1423114207 M * undefined argh, i just recreated my linux-3.14.31-vs2.3.6.14-pidns-userns kernel source and diffed it against what i've been testing and indeed it is missing the pidns fix
1423120192 J * Ghislain ~aqueos@adsl1.aqueos.com
1423123228 M * undefined grumble, grumble
1423123240 M * undefined with the pidns fix lxc works now
1423123242 M * undefined stupid me
1423123254 M * undefined thanks, Bertl!
1423123371 Q * derjohn_mob Ping timeout: 480 seconds
1423124792 Q * Romster Quit: Geeks shall inherit properties and methods of object earth.
1423124838 J * derjohn_mob ~aj@fw.gkh-setu.de
1423126411 Q * derjohn_mob Ping timeout: 480 seconds
1423126854 J * BenG ~BenG@cpc29-aztw22-2-0-cust128.18-1.cable.virginm.net
1423127012 J * derjohn_mob ~aj@fw.gkh-setu.de
1423127735 Q * derjohn_mob Ping timeout: 480 seconds
1423128218 J * derjohn_mob ~aj@fw.gkh-setu.de
1423128421 M * Bertl off to bed now ... have a good one everyone!
1423128429 N * Bertl Bertl_zZ
1423131432 J * Romster ~Romster@202.168.100.149.dynamic.rev.eftel.com
1423131873 Q * Jb_boin Remote host closed the connection
1423132845 J * Jb_boin ~dedior@proxad.eu
1423136228 Q * Romster Quit: Geeks shall inherit properties and methods of object earth.
1423137560 J * Romster ~Romster@202.168.100.149.dynamic.rev.eftel.com
1423137727 J * __zerick ~zerick@179.7.80.132
1423137878 Q * __zerick
1423137957 J * _zerick_ ~zerick@179.7.80.132
1423138667 Q * Romster Quit: Geeks shall inherit properties and methods of object earth.
1423138751 Q * Aiken Remote host closed the connection
1423138806 J * Romster ~Romster@202.168.100.149.dynamic.rev.eftel.com
1423141202 Q * fstd Remote host closed the connection
1423141241 Q * Romster Quit: Geeks shall inherit properties and methods of object earth.
1423141250 J * fstd ~fstd@xdsl-87-78-10-106.netcologne.de
1423141434 J * Romster ~Romster@202.168.100.149.dynamic.rev.eftel.com
1423142243 Q * ensc Ping timeout: 480 seconds
1423142925 Q * BenG Quit: I Leave
1423153566 Q * derjohn_mob Ping timeout: 480 seconds
1423155991 J * derjohn_mob ~aj@88.128.80.154
1423156205 N * Bertl_zZ Bertl
1423156206 M * Bertl morning folks!
1423156225 M * Ghislain hello
1423156246 M * Ghislain seen the lxfs ? i guess this could be used in vserver as well
1423156289 M * Ghislain it is used to mount cgroups inside a container so permitting systemd to work
1423156367 M * Ghislain and i mean by that without cap_sysadmin
1423156441 J * bonbons ~bonbons@2001:a18:209:4101:71d3:e3ed:2fa4:ef22
1423156497 M * Bertl sounds good, so you got a systemd based distro to work inside a guest?
1423156562 M * Ghislain i just stumbled upon this, not tried yet but this sounds good as it is done exactly for this purpose
1423156755 M * AlexanderS I thought of simply mounting cgroups inside a container. Therefore I will try to wrap a vserver in a pid namespace, as soon as the 3.18 kernel is usable ;)
1423157071 M * undefined AlexanderS: what is the 3.18 kernel lacking (to make it usable for you)?
1423157875 M * Ghislain undefined: i too also heard that there were issues on 3.18 that Bertl was working on but perhaps this is solved since then
1423158090 M * undefined Ghislain: all the issues that i know of i have provided patches for on the mailing list
1423158103 M * undefined 1. vshelper
1423158125 M * undefined 2. cxgbi
1423158616 Q * derjohn_mob Ping timeout: 480 seconds
1423159262 M * AlexanderS undefined: nothing, I am just too lazy to build my own package and I am just waiting for a new kernel from ben ;)
1423159830 M * undefined AlexanderS: ah, i see!
1423167574 J * Aiken ~Aiken@d63f.h.jbmb.net
1423170056 Q * bonbons Quit: Leaving
1423170200 J * bonbons ~bonbons@2001:a18:209:4101:889f:d3d4:4082:82f6
1423173115 Q * bonbons Quit: Leaving
1423174627 M * Bertl undefined: http://vserver.13thfloor.at/Experimental/patch-3.18.5-vs2.3.7.2.diff
1423174639 M * Bertl please check if I got everything right this time :)
1423174656 M * Bertl off for a nap ... bbl
1423174666 N * Bertl Bertl_zZ
1423175387 M * undefined Bertl_zZ: no semantic difference, but syntactically you put vshelper at the top of kern_table where in 3.14 you put it in the middle (between uevent_helper and sg-big-buff)
1423175428 M * undefined probably easier to notice when you accidentally put it under the vm subdirectory instead of kernel this way ;)
1423176821 Q * _zerick_ Remote host closed the connection